CIT150 - Cyber Security Principles

Welcome to Cyber Security Principles

Returned Assignments

Assignments:

Projects:

Look Around

Everything that you need to know about this course is on this site. This
includes policies, assignments, quizzes, and much more information.
Look around and get to know it well.

This course will also make use of eLearning.
Please make sure you visit it regularly.

Notices

Course Changes

Due to the coronavirus, life has changed for us all. Courses at Bristol are
changing as well. Please make sure to check your BristolCC email as I will
be using it for class communication. Also make sure to check eLearning,
accessBCC, www.bristolcc.edu and this website on a regular basis.
Posted: March 29, 2020.

Text

Please note that I use Cengage texts for CIS134 and CIT150.
Cengage Unlimited is a subscription option that could
reduce your cost.

Microsoft Azure Dev Tools for Teaching

For Bristol students, on February 14, 2019 the Microsoft Imagine web store was officially renamed to Microsoft Azure Dev Tools for Teaching. Software that was previously available from Microsoft Imagine has been moved and is now available on this new web site. At this time, anyone with a bristolcc.edu email address can sign into MS Azure Dev Tools for Teaching.
An announcement has been posted on the
cisweb home page about the new change. In addition, the links on the
cisweb software tab
have been update. Once there, click on the "Help" button for more instructions for signing into Microsoft Azure Dev Tools for Teaching and downloading software.

Essential Security Certificates

Ultimate Guide to VPN Encryption

An article titled OpenVPN vs IKEv2 vs PPTP vs L2TP/IPSec vs SSTP - Ultimate Guide to VPN Encryption Written by Douglas Crawford begins by saying
"A Virtual Private Network (VPN) encrypts all data as it travels between your computer and a VPN server. In this Complete VPN Encryption Guide, we take a detailed look at what encryption is, and how it is used in VPN connections.Perhaps most importantly, we will explain the array of encryption terms used by VPN services"
Click on the link above to read the entire article.

DHS Security Alert to DNS Hijacking Attacks

In his article, The DHS issues security alert about recent DNS hijacking attacks,
Catalin Cimpanu for Zero Day begins with "
The US Department of Homeland Security (DHS) has published today an "emergency directive" that contains guidance in regards to a recent report detailing a wave of DNS hijacking incidents perpetrated out of Iran."
Click on the link above to read the entire article.

The Equifax Breach

In his article, The Equifax Breach: What You Should Know,
Brian Krebs begins with "
It remains unclear whether those responsible for stealing Social Security numbers and other data on as many as 143 million Americans from big-three credit bureau Equifax intend to sell this data to identity thieves. But if ever there was a reminder that you — the consumer — are ultimately responsible for protecting your financial future, this is it. Here’s what you need to know and what you should do in response to this unprecedented breach."
Click on the link above to read the entire article.

Supply-Chain Security Problem

In his article, Software Has a Serious Supply-Chain Security Problem,
Andy Greenberg begins with "The warnings consumers hear from information security pros tend to focus on trust: Don't click web links or attachments from an untrusted sender. Only install applications from a trusted source or from a trusted app store. But lately, devious hackers have been targeting their attacks further up the software supply chain, sneaking malware into downloads from even trusted vendors, long before you ever click to install."
Click on the link above to read the entire article.

Cyber Resilience

In their article, Why Cyber Security Is Not Enough: You Need Cyber Resilience,
Matthew Goche and William Gouveia presents rational and plan for Cyber Resilience. They begin
"It’s true. Cyber attackers have an edge on you. Just look at recent incidents of credit card information being stolen from Target and SnapChat users' names and cell phone numbers being published online."
Click on the link above to read the entire article and/or get the 4 steps to cyber resilience below. &nbsp &nbsp &nbsp &nbsp 4 Steps to Taking Control with Cyber Resilience"

Encryption is not the enemy

"Our politicians help the terrorists every time they use fear as a campaign tactic.... The surest defense against terrorism is to refuse to be terrorized. Our job is to recognize that terrorism is just one of the risks we face, and not a particularly common one at that. And our job is to fight those politicians who use fear as an excuse to take away our liberties and promote security theater that wastes money and doesn't make us any safer. "
Security expert Bruce Schneier as quoted by Caroline Craig, InfoWorld - Read More

Take a look. What do you think? Come prepared to discuss.

After Paris: Liberté demands unlimited encryption

"The neocons are at it again: After the tragedies of the terrorist attacks in Paris last Friday (and Beirut
the day before), they're arguing that governments need to be able to access all communications from everyone,
purportedly to protect us from future terrorist attacks"
By Galen Gruman, InfoWorld - Read More

Take a look. What do you think? Come prepared to discuss.

NSA uses the vulnerabilities to make its own cyber-attacks

"The U.S. National Security Agency, seeking to rebut accusations that it hoards information about vulnerabilities
in computer software, thereby leaving U.S. companies open to cyber attacks, said last week that it tells U.S.
technology firms about the most serious flaws it finds more than 90 percent of the time. -- "
Reuters - Read More

Take a look. What do you think? Come prepared to discuss.

Revealed: how US and UK spy agencies defeat internet privacy and security

"US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds
of millions of people to protect the privacy of their personal data, online transactions and emails, according to
top-secret documents revealed by former contractor Edward Snowden."
The Guardian - Read More